Sample code for 30+ languages & platforms
AutoIt

Get Access Token using a Pre-Created JSON Web Token

See more ABN AMRO Examples

Demonstrates how to get an access token using a pre-created JSON Web Token (JWT).

Chilkat AutoIt Downloads

AutoIt
Local $bSuccess = False

; This example requires the Chilkat API to have been previously unlocked.
; See Global Unlock Sample for sample code.

; We're going to duplicate this CURL statement:
; curl -X POST https://api-sandbox.abnamro.com/v1/oauth/token \
; -H "Content-Type: application/x-www-form-urlencoded" \
; -H "API-Key: xxxxxx" \
; -d 'client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer&grant_type=client_credentials&client_assertion=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ4eHh4eHgiLCJleHAiOiIxNDk5OTQ3NjY4IiwiaXNzIjoibWUiLCJhdWQiOiJodHRwczovL2F1dGgtc2FuZGJveC5hYm5hbXJvLmNvbS9vYXV0aC90b2tlbiJ9.jGwHKG_YjgKpR8NPpaLu6nJ97obeP2vcxg6fOWBKdJ0&scope=tikkie'

; Load our pre-creaed private key PEM file.
; Note: Please share your public key along with your app name and developer email id at api.support@nl.abnamro.com. 
; Token generation will not work unless public key is associated with your app.
$oPrivkey = ObjCreate("Chilkat.PrivateKey")

$bSuccess = $oPrivkey.LoadPemFile("qa_data/pem/abnAmroPrivateKey.pem")
If ($bSuccess = False) Then
    ConsoleWrite($oPrivkey.LastErrorText & @CRLF)
    Exit
EndIf

; Create the JWT.
$oJwt = ObjCreate("Chilkat.Jwt")

; Create the header:
; {
;     "typ": "JWT",
;     "alg": "RS256"
; }
$oJsonHeader = ObjCreate("Chilkat.JsonObject")
$oJsonHeader.UpdateString("typ","JWT")
$oJsonHeader.UpdateString("alg","RS256")

; Create the payload:
; {
;     "nbf": 1499947668,
;     "exp": 1499948668,
;     "iss": "me",
;     "sub": "anApiKey",
;     "aud": "https://auth-sandbox.abnamro.com/oauth/token"
; }
$oJsonPayload = ObjCreate("Chilkat.JsonObject")

Local $iCurDateTime = $oJwt.GenNumericDate(0)

; Set the "not process before" timestamp to now.
$bSuccess = $oJsonPayload.AddIntAt(-1,"nbf",$iCurDateTime)

; Set the timestamp defining an expiration time (end time) for the token
; to be now + 1 hour (3600 seconds)
$bSuccess = $oJsonPayload.AddIntAt(-1,"exp",$iCurDateTime + 3600)

$oJsonPayload.UpdateString("iss","me")
$oJsonPayload.UpdateString("sub","anApiKey")
$oJsonPayload.UpdateString("aud","https://auth-sandbox.abnamro.com/oauth/token")

; Produce the smallest possible JWT:
$oJwt.AutoCompact = True

Local $sJwtStr = $oJwt.CreateJwtPk($oJsonHeader.Emit(),$oJsonPayload.Emit(),$oPrivkey)
If ($oJwt.LastMethodSuccess = False) Then
    ConsoleWrite($oJwt.LastErrorText & @CRLF)
    Exit
EndIf

$oHttp = ObjCreate("Chilkat.Http")

$oReq = ObjCreate("Chilkat.HttpRequest")
$oReq.AddParam "client_assertion_type","urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
$oReq.AddParam "grant_type","client_credentials"
$oReq.AddParam "client_assertion",$sJwtStr
$oReq.AddParam "scope","tikkie"

$oReq.HttpVerb = "POST"
$oReq.ContentType = "application/x-www-form-urlencoded"

$oResp = ObjCreate("Chilkat.HttpResponse")
$bSuccess = $oHttp.HttpReq("https://api-sandbox.abnamro.com/v1/oauth/token",$oReq,$oResp)
If ($bSuccess = False) Then
    ConsoleWrite($oHttp.LastErrorText & @CRLF)
    Exit
EndIf

If ($oResp.StatusCode <> 200) Then
    ConsoleWrite($oResp.BodyStr & @CRLF)
    Exit
EndIf

; Get the JSON result:
; {
;     "access_token": "{your access token}",
;     "expires_in": "{duration of validity in seconds}",
;     "scope": "{scope(s) for which the access token is valid}",
;     "token_type": "{it is always Bearer}"
; }
$oJson = ObjCreate("Chilkat.JsonObject")
$oJson.Load($oResp.BodyStr)
ConsoleWrite("access_token: " & $oJson.StringOf("access_token") & @CRLF)
ConsoleWrite("token_type: " & $oJson.StringOf("token_type") & @CRLF)
ConsoleWrite("expires_in: " & $oJson.StringOf("expires_in") & @CRLF)
ConsoleWrite("scope: " & $oJson.StringOf("scope") & @CRLF)